Skip to content

docs: add array.concat and array.slice examples to array.mdx #8669

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
omribz156 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

docs: add array.concat and array.slice examples to array.mdx #8669

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions docs/docs/policy-reference/_examples/array/concat/merging-label-requirements/config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"showInput": true,
"showData": false,
"showTitles": false,
"titleSize": 4
}
1 change: 1 addition & 0 deletions docs/docs/policy-reference/_examples/array/concat/merging-label-requirements/data.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{}
8 changes: 8 additions & 0 deletions docs/docs/policy-reference/_examples/array/concat/merging-label-requirements/input.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
{
"metadata": {
"labels": {
"app": "web",
"owner": "platform-team"
}
}
}
5 changes: 5 additions & 0 deletions ...ocs/policy-reference/_examples/array/concat/merging-label-requirements/intro.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
<!-- markdownlint-disable MD041 -->

`array.concat` joins two arrays in order. A common use is building a complete
Copy link
Copy Markdown
Contributor

@johanfylling johanfylling May 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this'll be injected into the content in array.mdx, the reader will experience a bit of a hiccup in the text. E.g.:

### array.concat

array.concat joins two arrays in order, producing a new array that contains all elements of the first array followed by all elements of the second.

#### Merging base and environment label requirements

array.concat joins two arrays in order. A common use is building a complete validation list by merging a shared base set of rules with environment-specific additions, then iterating the result in a single deny rule.

Consider dropping the redundant text from here to make it read a bit better. Same for array.slice.

validation list by merging a shared base set of rules with environment-specific
additions, then iterating the result in a single `deny` rule.
20 changes: 20 additions & 0 deletions docs/docs/policy-reference/_examples/array/concat/merging-label-requirements/output.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
{
"base_required_labels": [
"app",
"owner"
],
"deny": [
"missing required label: \"cost-center\"",
"missing required label: \"environment\""
],
"env_required_labels": [
"environment",
"cost-center"
],
"required_labels": [
"app",
"owner",
"environment",
"cost-center"
]
}
15 changes: 15 additions & 0 deletions docs/docs/policy-reference/_examples/array/concat/merging-label-requirements/policy.rego
View file
Open in desktop
Copy link
Copy Markdown
Contributor

@johanfylling johanfylling May 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider reducing the complexity of this rule, as the important part (array.concat) might get lost in the weeds for the reader.

Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
package play

# Merge base required labels with environment-specific ones.
base_required_labels := ["app", "owner"]

env_required_labels := ["environment", "cost-center"]

required_labels := array.concat(base_required_labels, env_required_labels)

# Deny a resource whose metadata is missing any required label.
deny contains msg if {
some label in required_labels
not input.metadata.labels[label]
msg := sprintf("missing required label: %q", [label])
}
1 change: 1 addition & 0 deletions docs/docs/policy-reference/_examples/array/concat/merging-label-requirements/title.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Merging base and environment label requirements
6 changes: 6 additions & 0 deletions docs/docs/policy-reference/_examples/array/slice/api-version-routing/config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
{
"showInput": true,
"showData": false,
"showTitles": false,
"titleSize": 4
}
1 change: 1 addition & 0 deletions docs/docs/policy-reference/_examples/array/slice/api-version-routing/data.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{}
3 changes: 3 additions & 0 deletions docs/docs/policy-reference/_examples/array/slice/api-version-routing/input.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
{
"path": "/api/v2/users/123"
}
6 changes: 6 additions & 0 deletions docs/docs/policy-reference/_examples/array/slice/api-version-routing/intro.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
<!-- markdownlint-disable MD041 -->

`array.slice` returns the sub-array from index `start` (inclusive) to `stop`
(exclusive). A common use is extracting a fixed-length prefix from a
variable-length path after splitting it into segments, so the routing logic
stays independent of how deep the path goes.
16 changes: 16 additions & 0 deletions docs/docs/policy-reference/_examples/array/slice/api-version-routing/output.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"api_version": "v2",
"deny": [
"unsupported API version \"v2\"; only v1 is allowed"
],
"path_segments": [
"api",
"v2",
"users",
"123"
],
"route_prefix": [
"api",
"v2"
]
}
17 changes: 17 additions & 0 deletions docs/docs/policy-reference/_examples/array/slice/api-version-routing/policy.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
package play

# Split a request path into segments.
# e.g. "/api/v1/users/123" → ["api", "v1", "users", "123"]
Copy link
Copy Markdown
Contributor

@johanfylling johanfylling May 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This arrow won't transition well when the user open's the example in the playground. Consider not using any "special" characters.

path_segments := split(trim_left(input.path, "/"), "/")

# The API version is always the second segment (index 1).
api_version := path_segments[1]

# The first two segments identify the route, regardless of how long the path is.
route_prefix := array.slice(path_segments, 0, 2)
Copy link
Copy Markdown
Contributor

@johanfylling johanfylling May 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to the other example policy, I wonder if this policy isn't a bit too complicated for its intended purpose. route_prefix will contain the result of the function we want to demo, but it's not used anywhere in the example.


# Deny requests that do not target a supported API version.
deny contains msg if {
api_version != "v1"
msg := sprintf("unsupported API version %q; only v1 is allowed", [api_version])
}
Comment on lines +14 to +17
Copy link
Copy Markdown
Contributor

@johanfylling johanfylling May 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the final example policies end up using generated strings, consider using string-templates instead of sprintf, as it might reduce the apparent complexity for the reader, making it easier to focus on what's important.

Suggested change
deny contains msg if {
api_version != "v1"
msg := sprintf("unsupported API version %q; only v1 is allowed", [api_version])
}
deny contains $"unsupported API version {api_version}; only v1 is allowed" if {
api_version != "v1"
}

1 change: 1 addition & 0 deletions docs/docs/policy-reference/_examples/array/slice/api-version-routing/title.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Extracting a route prefix from a request path
16 changes: 16 additions & 0 deletions docs/docs/policy-reference/builtins/array.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,19 @@
title: Arrays
---
<BuiltinTable category={"array"}/>

## Examples

### `array.concat`

`array.concat` joins two arrays in order, producing a new array that contains
all elements of the first array followed by all elements of the second.

<PlaygroundExample dir={require.context('../_examples/array/concat/merging-label-requirements')} />

### `array.slice`

`array.slice` returns the sub-array from index `start` (inclusive) up to
index `stop` (exclusive). Indices follow standard zero-based array indexing.

<PlaygroundExample dir={require.context('../_examples/array/slice/api-version-routing')} />